1. 17 Jan, 2012 23 commits
    • Eric Paris's avatar
      audit: complex interfield comparison helper · b34b0393
      Eric Paris authored
      Rather than code the same loop over and over implement a helper function which
      uses some pointer magic to make it generic enough to be used numerous places
      as we implement more audit interfield comparisons
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      b34b0393
    • Eric Paris's avatar
      audit: allow interfield comparison in audit rules · 02d86a56
      Eric Paris authored
      We wish to be able to audit when a uid=500 task accesses a file which is
      uid=0.  Or vice versa.  This patch introduces a new audit filter type
      AUDIT_FIELD_COMPARE which takes as an 'enum' which indicates which fields
      should be compared.  At this point we only define the task->uid vs
      inode->uid, but other comparisons can be added.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      02d86a56
    • Nathaniel Husted's avatar
      Kernel: Audit Support For The ARM Platform · 29ef73b7
      Nathaniel Husted authored
      This patch provides functionality to audit system call events on the
      ARM platform. The implementation was based off the structure of the
      MIPS platform and information in this
      (http://lists.fedoraproject.org/pipermail/arm/2009-October/000382.html)
      mailing list thread. The required audit_syscall_exit and
      audit_syscall_entry checks were added to ptrace using the standard
      registers for system call values (r0 through r3). A thread information
      flag was added for auditing (TIF_SYSCALL_AUDIT) and a meta-flag was
      added (_TIF_SYSCALL_WORK) to simplify modifications to the syscall
      entry/exit. Now, if either the TRACE flag is set or the AUDIT flag is
      set, the syscall_trace function will be executed. The prober changes
      were made to Kconfig to allow CONFIG_AUDITSYSCALL to be enabled.
      
      Due to platform availability limitations, this patch was only tested
      on the Android platform running the modified "android-goldfish-2.6.29"
      kernel. A test compile was performed using Code Sourcery's
      cross-compilation toolset and the current linux-3.0 stable kernel. The
      changes compile without error. I'm hoping, due to the simple modifications,
      the patch is "obviously correct".
      Signed-off-by: default avatarNathaniel Husted <nhusted@gmail.com>
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      29ef73b7
    • Eric Paris's avatar
      audit: do not call audit_getname on error · 4043cde8
      Eric Paris authored
      Just a code cleanup really.  We don't need to make a function call just for
      it to return on error.  This also makes the VFS function even easier to follow
      and removes a conditional on a hot path.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      4043cde8
    • Eric Paris's avatar
      audit: only allow tasks to set their loginuid if it is -1 · 633b4545
      Eric Paris authored
      At the moment we allow tasks to set their loginuid if they have
      CAP_AUDIT_CONTROL.  In reality we want tasks to set the loginuid when they
      log in and it be impossible to ever reset.  We had to make it mutable even
      after it was once set (with the CAP) because on update and admin might have
      to restart sshd.  Now sshd would get his loginuid and the next user which
      logged in using ssh would not be able to set his loginuid.
      
      Systemd has changed how userspace works and allowed us to make the kernel
      work the way it should.  With systemd users (even admins) are not supposed
      to restart services directly.  The system will restart the service for
      them.  Thus since systemd is going to loginuid==-1, sshd would get -1, and
      sshd would be allowed to set a new loginuid without special permissions.
      
      If an admin in this system were to manually start an sshd he is inserting
      himself into the system chain of trust and thus, logically, it's his
      loginuid that should be used!  Since we have old systems I make this a
      Kconfig option.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      633b4545
    • Eric Paris's avatar
      audit: remove task argument to audit_set_loginuid · 0a300be6
      Eric Paris authored
      The function always deals with current.  Don't expose an option
      pretending one can use it for something.  You can't.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      0a300be6
    • Eric Paris's avatar
      audit: allow audit matching on inode gid · 54d3218b
      Eric Paris authored
      Much like the ability to filter audit on the uid of an inode collected, we
      should be able to filter on the gid of the inode.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      54d3218b
    • Eric Paris's avatar
      audit: allow matching on obj_uid · efaffd6e
      Eric Paris authored
      Allow syscall exit filter matching based on the uid of the owner of an
      inode used in a syscall.  aka:
      
      auditctl -a always,exit -S open -F obj_uid=0 -F perm=wa
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      efaffd6e
    • Eric Paris's avatar
      audit: remove audit_finish_fork as it can't be called · 6422e78d
      Eric Paris authored
      Audit entry,always rules are not allowed and are automatically changed in
      exit,always rules in userspace.  The kernel refuses to load such rules.
      
      Thus a task in the middle of a syscall (and thus in audit_finish_fork())
      can only be in one of two states: AUDIT_BUILD_CONTEXT or AUDIT_DISABLED.
      Since the current task cannot be in AUDIT_RECORD_CONTEXT we aren't every
      going to actually use the code in audit_finish_fork() since it will
      return without doing anything.  Thus drop the code.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      6422e78d
    • Eric Paris's avatar
      audit: reject entry,always rules · 7ff68e53
      Eric Paris authored
      We deprecated entry,always rules a long time ago.  Reject those rules as
      invalid.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      7ff68e53
    • Eric Paris's avatar
      audit: inline audit_free to simplify the look of generic code · a4ff8dba
      Eric Paris authored
      make the conditional a static inline instead of doing it in generic code.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      a4ff8dba
    • Eric Paris's avatar
      audit: drop audit_set_macxattr as it doesn't do anything · 38cdce53
      Eric Paris authored
      unused.  deleted.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      38cdce53
    • Eric Paris's avatar
      audit: inline checks for not needing to collect aux records · 07c49417
      Eric Paris authored
      A number of audit hooks make function calls before they determine that
      auxilary records do not need to be collected.  Do those checks as static
      inlines since the most common case is going to be that records are not
      needed and we can skip the function call overhead.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      07c49417
    • Eric Paris's avatar
      audit: drop some potentially inadvisable likely notations · 56179a6e
      Eric Paris authored
      The audit code makes heavy use of likely() and unlikely() macros, but they
      don't always make sense.  Drop any that seem questionable and let the
      computer do it's thing.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      56179a6e
    • Eric Paris's avatar
      audit: remove AUDIT_SETUP_CONTEXT as it isn't used · 997f5b64
      Eric Paris authored
      Audit contexts have 3 states.  Disabled, which doesn't collect anything,
      build, which collects info but might not emit it, and record, which
      collects and emits.  There is a 4th state, setup, which isn't used.  Get
      rid of it.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      997f5b64
    • Eric Paris's avatar
      audit: inline audit_syscall_entry to reduce burden on archs · b05d8447
      Eric Paris authored
      Every arch calls:
      
      if (unlikely(current->audit_context))
      	audit_syscall_entry()
      
      which requires knowledge about audit (the existance of audit_context) in
      the arch code.  Just do it all in static inline in audit.h so that arch's
      can remain blissfully ignorant.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      b05d8447
    • Eric Paris's avatar
      audit: ia32entry.S sign extend error codes when calling 64 bit code · f031cd25
      Eric Paris authored
      In the ia32entry syscall exit audit fastpath we have assembly code which calls
      __audit_syscall_exit directly.  This code was, however, zeroes the upper 32
      bits of the return code.  It then proceeded to call code which expects longs
      to be 64bits long.  In order to handle code which expects longs to be 64bit we
      sign extend the return code if that code is an error.  Thus the
      __audit_syscall_exit function can correctly handle using the values in
      snprintf("%ld").  This fixes the regression introduced in 5cbf1565.
      
      Old record:
      type=SYSCALL msg=audit(1306197182.256:281): arch=40000003 syscall=192 success=no exit=4294967283
      New record:
      type=SYSCALL msg=audit(1306197182.256:281): arch=40000003 syscall=192 success=no exit=-13
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      Acked-by: default avatarH. Peter Anvin <hpa@zytor.com>
      f031cd25
    • Eric Paris's avatar
      Audit: push audit success and retcode into arch ptrace.h · d7e7528b
      Eric Paris authored
      The audit system previously expected arches calling to audit_syscall_exit to
      supply as arguments if the syscall was a success and what the return code was.
      Audit also provides a helper AUDITSC_RESULT which was supposed to simplify things
      by converting from negative retcodes to an audit internal magic value stating
      success or failure.  This helper was wrong and could indicate that a valid
      pointer returned to userspace was a failed syscall.  The fix is to fix the
      layering foolishness.  We now pass audit_syscall_exit a struct pt_reg and it
      in turns calls back into arch code to collect the return value and to
      determine if the syscall was a success or failure.  We also define a generic
      is_syscall_success() macro which determines success/failure based on if the
      value is < -MAX_ERRNO.  This works for arches like x86 which do not use a
      separate mechanism to indicate syscall failure.
      
      We make both the is_syscall_success() and regs_return_value() static inlines
      instead of macros.  The reason is because the audit function must take a void*
      for the regs.  (uml calls theirs struct uml_pt_regs instead of just struct
      pt_regs so audit_syscall_exit can't take a struct pt_regs).  Since the audit
      function takes a void* we need to use static inlines to cast it back to the
      arch correct structure to dereference it.
      
      The other major change is that on some arches, like ia64, MIPS and ppc, we
      change regs_return_value() to give us the negative value on syscall failure.
      THE only other user of this macro, kretprobe_example.c, won't notice and it
      makes the value signed consistently for the audit functions across all archs.
      
      In arch/sh/kernel/ptrace_64.c I see that we were using regs[9] in the old
      audit code as the return value.  But the ptrace_64.h code defined the macro
      regs_return_value() as regs[3].  I have no idea which one is correct, but this
      patch now uses the regs_return_value() function, so it now uses regs[3].
      
      For powerpc we previously used regs->result but now use the
      regs_return_value() function which uses regs->gprs[3].  regs->gprs[3] is
      always positive so the regs_return_value(), much like ia64 makes it negative
      before calling the audit code when appropriate.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      Acked-by: H. Peter Anvin <hpa@zytor.com> [for x86 portion]
      Acked-by: Tony Luck <tony.luck@intel.com> [for ia64]
      Acked-by: Richard Weinberger <richard@nod.at> [for uml]
      Acked-by: David S. Miller <davem@davemloft.net> [for sparc]
      Acked-by: Ralf Baechle <ralf@linux-mips.org> [for mips]
      Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> [for ppc]
      d7e7528b
    • Eric Paris's avatar
      seccomp: audit abnormal end to a process due to seccomp · 85e7bac3
      Eric Paris authored
      The audit system likes to collect information about processes that end
      abnormally (SIGSEGV) as this may me useful intrusion detection information.
      This patch adds audit support to collect information when seccomp forces a
      task to exit because of misbehavior in a similar way.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      85e7bac3
    • Eric Paris's avatar
      audit: check current inode and containing object when filtering on major and minor · 16c174bd
      Eric Paris authored
      The audit system has the ability to filter on the major and minor number of
      the device containing the inode being operated upon.  Lets say that
      /dev/sda1 has major,minor 8,1 and that we mount /dev/sda1 on /boot.  Now lets
      say we add a watch with a filter on 8,1.  If we proceed to open an inode
      inside /boot, such as /vboot/vmlinuz, we will match the major,minor filter.
      
      Lets instead assume that one were to use a tool like debugfs and were to
      open /dev/sda1 directly and to modify it's contents.  We might hope that
      this would also be logged, but it isn't.  The rules will check the
      major,minor of the device containing /dev/sda1.  In other words the rule
      would match on the major/minor of the tmpfs mounted at /dev.
      
      I believe these rules should trigger on either device.  The man page is
      devoid of useful information about the intended semantics.  It only seems
      logical that if you want to know everything that happened on a major,minor
      that would include things that happened to the device itself...
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      16c174bd
    • Eric Paris's avatar
      audit: drop the meaningless and format breaking word 'user' · 3035c51e
      Eric Paris authored
      userspace audit messages look like so:
      
      type=USER msg=audit(1271170549.415:24710): user pid=14722 uid=0 auid=500 ses=1 subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 msg=''
      
      That third field just says 'user'.  That's useless and doesn't follow the
      key=value pair we are trying to enforce.  We already know it came from the
      user based on the record type.  Kill that word.  Die.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      3035c51e
    • Eric Paris's avatar
      audit: dynamically allocate audit_names when not enough space is in the names array · 5195d8e2
      Eric Paris authored
      This patch does 2 things.  First it reduces the number of audit_names
      allocated in every audit context from 20 to 5.  5 should be enough for all
      'normal' syscalls (rename being the worst).  Some syscalls can still touch
      more the 5 inodes such as mount.  When rpc filesystem is mounted it will
      create inodes and those can exceed 5.  To handle that problem this patch will
      dynamically allocate audit_names if it needs more than 5.  This should
      decrease the typicall memory usage while still supporting all the possible
      kernel operations.
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      5195d8e2
    • Eric Paris's avatar
      audit: make filetype matching consistent with other filters · 5ef30ee5
      Eric Paris authored
      Every other filter that matches part of the inodes list collected by audit
      will match against any of the inodes on that list.  The filetype matching
      however had a strange way of doing things.  It allowed userspace to
      indicated if it should match on the first of the second name collected by
      the kernel.  Name collection ordering seems like a kernel internal and
      making userspace rules get that right just seems like a bad idea.  As it
      turns out the userspace audit writers had no idea it was doing this and
      thus never overloaded the value field.  The kernel always checked the first
      name collected which for the tested rules was always correct.
      
      This patch just makes the filetype matching like the major, minor, inode,
      and LSM rules in that it will match against any of the names collected.  It
      also changes the rule validation to reject the old unused rule types.
      
      Noone knew it was there.  Noone used it.  Why keep around the extra code?
      Signed-off-by: default avatarEric Paris <eparis@redhat.com>
      5ef30ee5
  2. 12 Jan, 2012 9 commits
    • Linus Torvalds's avatar
      Merge branch 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 9fc5c3e3
      Linus Torvalds authored
      * 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/intel config: Fix the APB_TIMER selection
        x86/mrst: Add additional debug prints for pb_keys
        x86/intel config: Revamp configuration to allow for Moorestown and Medfield
        x86/intel/scu/ipc: Match the changes in the x86 configuration
        x86/apb: Fix configuration constraints
        x86: Fix INTEL_MID silly
        x86/Kconfig: Cyclone-timer depends on x86-summit
        x86: Reduce clock calibration time during slave cpu startup
        x86/config: Revamp configuration for MID devices
        x86/sfi: Kill the IRQ as id hack
      9fc5c3e3
    • Linus Torvalds's avatar
      Merge branch 'x86-debug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 541048a1
      Linus Torvalds authored
      * 'x86-debug-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86, reboot: Fix typo in nmi reboot path
        x86, NMI: Add to_cpumask() to silence compile warning
        x86, NMI: NMI selftest depends on the local apic
        x86: Add stack top margin for stack overflow checking
        x86, NMI: NMI-selftest should handle the UP case properly
        x86: Fix the 32-bit stackoverflow-debug build
        x86, NMI: Add knob to disable using NMI IPIs to stop cpus
        x86, NMI: Add NMI IPI selftest
        x86, reboot: Use NMI instead of REBOOT_VECTOR to stop cpus
        x86: Clean up the range of stack overflow checking
        x86: Panic on detection of stack overflow
        x86: Check stack overflow in detail
      541048a1
    • Linus Torvalds's avatar
      Merge branch 'x86-efi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · bcede2f6
      Linus Torvalds authored
      * 'x86-efi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86, efi: Break up large initrd reads
        x86, efi: EFI boot stub support
        efi: Add EFI file I/O data types
        efi.h: Add boottime->locate_handle search types
        efi.h: Add graphics protocol guids
        efi.h: Add allocation types for boottime->allocate_pages()
        efi.h: Add efi_image_loaded_t
        efi.h: Add struct definition for boot time services
        x86: Don't use magic strings for EFI loader signature
        x86: Add missing bzImage fields to struct setup_header
      bcede2f6
    • Linus Torvalds's avatar
      Merge branch 'x86-mm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · d0b9706c
      Linus Torvalds authored
      * 'x86-mm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/numa: Add constraints check for nid parameters
        mm, x86: Remove debug_pagealloc_enabled
        x86/mm: Initialize high mem before free_all_bootmem()
        arch/x86/kernel/e820.c: quiet sparse noise about plain integer as NULL pointer
        arch/x86/kernel/e820.c: Eliminate bubble sort from sanitize_e820_map()
        x86: Fix mmap random address range
        x86, mm: Unify zone_sizes_init()
        x86, mm: Prepare zone_sizes_init() for unification
        x86, mm: Use max_low_pfn for ZONE_NORMAL on 64-bit
        x86, mm: Wrap ZONE_DMA32 with CONFIG_ZONE_DMA32
        x86, mm: Use max_pfn instead of highend_pfn
        x86, mm: Move zone init from paging_init() on 64-bit
        x86, mm: Use MAX_DMA_PFN for ZONE_DMA on 32-bit
      d0b9706c
    • Linus Torvalds's avatar
      Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/davej/cpufreq · 02d92950
      Linus Torvalds authored
      * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/davej/cpufreq: (23 commits)
        [CPUFREQ] EXYNOS: Removed useless headers and codes
        [CPUFREQ] EXYNOS: Make EXYNOS common cpufreq driver
        [CPUFREQ] powernow-k8: Update copyright, maintainer and documentation information
        [CPUFREQ] powernow-k8: Fix indexing issue
        [CPUFREQ] powernow-k8: Avoid Pstate MSR accesses on systems supporting CPB
        [CPUFREQ] update lpj only if frequency has changed
        [CPUFREQ] cpufreq:userspace: fix cpu_cur_freq updation
        [CPUFREQ] Remove wall variable from cpufreq_gov_dbs_init()
        [CPUFREQ] EXYNOS4210: cpufreq code is changed for stable working
        [CPUFREQ] EXYNOS4210: Update frequency table for cpu divider
        [CPUFREQ] EXYNOS4210: Remove code about bus on cpufreq
        [CPUFREQ] s3c64xx: Use pr_fmt() for consistent log messages
        cpufreq: OMAP: fixup for omap_device changes, include <linux/module.h>
        cpufreq: OMAP: fix freq_table leak
        cpufreq: OMAP: put clk if cpu_init failed
        cpufreq: OMAP: only supports OPP library
        cpufreq: OMAP: dont support !freq_table
        cpufreq: OMAP: deny initialization if no mpudev
        cpufreq: OMAP: move clk name decision to init
        cpufreq: OMAP: notify even with bad boot frequency
        ...
      02d92950
    • Linus Torvalds's avatar
      Merge git://git.infradead.org/battery-2.6 · b24ca57e
      Linus Torvalds authored
      * git://git.infradead.org/battery-2.6: (68 commits)
        power_supply: Mark da9052 driver as broken
        power_supply: Drop usage of nowarn variant of sysfs_create_link()
        s3c_adc_battery: Average over more than one adc sample
        power_supply: Add DA9052 battery driver
        isp1704_charger: Fix missing check
        jz4740-battery: Fix signedness bug
        power_supply: Assume mains power by default
        sbs-battery: Fix devicetree match table
        ARM: rx51: Add bq27200 i2c board info
        sbs-battery: Change power supply name
        devicetree-bindings: Propagate bq20z75->sbs rename to dt bindings
        devicetree-bindings: Add vendor entry for Smart Battery Systems
        sbs-battery: Rename internals to new name
        bq20z75: Rename to sbs-battery
        wm97xx_battery: Use DEFINE_MUTEX() for work_lock
        max8997_charger: Remove duplicate module.h
        lp8727_charger: Some minor fixes for the header
        lp8727_charger: Add header file
        power_supply: Convert drivers/power/* to use module_platform_driver()
        power_supply: Add "unknown" in power supply type
        ...
      b24ca57e
    • Linus Torvalds's avatar
      Merge branch 'slab/for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/linux · 6296e5d3
      Linus Torvalds authored
      * 'slab/for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/linux:
        slub: disallow changing cpu_partial from userspace for debug caches
        slub: add missed accounting
        slub: Extract get_freelist from __slab_alloc
        slub: Switch per cpu partial page support off for debugging
        slub: fix a possible memleak in __slab_alloc()
        slub: fix slub_max_order Documentation
        slub: add missed accounting
        slab: add taint flag outputting to debug paths.
        slub: add taint flag outputting to debug paths
        slab: introduce slab_max_order kernel parameter
        slab: rename slab_break_gfp_order to slab_max_order
      6296e5d3
    • Linus Torvalds's avatar
      Merge tag 'md-3.3-fixes' of git://neil.brown.name/md · c086ae4e
      Linus Torvalds authored
      Two bugfixes for md.
      
      One is a recently introduced regression that affects an unusual
      configuration with a guaranteed BUG_ON.  Has been tagged for -stable.
      The other is minor missing functionality.
      
      * tag 'md-3.3-fixes' of git://neil.brown.name/md:
        md/raid1: perform bad-block tests for WriteMostly devices too.
        md: notify the 'degraded' sysfs attribute on failure.
      c086ae4e
    • Linus Torvalds's avatar
      Merge branch 'linux-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci · 7b67e751
      Linus Torvalds authored
      * 'linux-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci: (80 commits)
        x86/PCI: Expand the x86_msi_ops to have a restore MSIs.
        PCI: Increase resource array mask bit size in pcim_iomap_regions()
        PCI: DEVICE_COUNT_RESOURCE should be equal to PCI_NUM_RESOURCES
        PCI: pci_ids: add device ids for STA2X11 device (aka ConneXT)
        PNP: work around Dell 1536/1546 BIOS MMCONFIG bug that breaks USB
        x86/PCI: amd: factor out MMCONFIG discovery
        PCI: Enable ATS at the device state restore
        PCI: msi: fix imbalanced refcount of msi irq sysfs objects
        PCI: kconfig: English typo in pci/pcie/Kconfig
        PCI/PM/Runtime: make PCI traces quieter
        PCI: remove pci_create_bus()
        xtensa/PCI: convert to pci_scan_root_bus() for correct root bus resources
        x86/PCI: convert to pci_create_root_bus() and pci_scan_root_bus()
        x86/PCI: use pci_scan_bus() instead of pci_scan_bus_parented()
        x86/PCI: read Broadcom CNB20LE host bridge info before PCI scan
        sparc32, leon/PCI: convert to pci_scan_root_bus() for correct root bus resources
        sparc/PCI: convert to pci_create_root_bus()
        sh/PCI: convert to pci_scan_root_bus() for correct root bus resources
        powerpc/PCI: convert to pci_create_root_bus()
        powerpc/PCI: split PHB part out of pcibios_map_io_space()
        ...
      
      Fix up conflicts in drivers/pci/msi.c and include/linux/pci_regs.h due
      to the same patches being applied in other branches.
      7b67e751
  3. 11 Jan, 2012 8 commits
    • Ben Hutchings's avatar
      cpu: Register a generic CPU device on architectures that currently do not · 9f13a1fd
      Ben Hutchings authored
      frv, h8300, m68k, microblaze, openrisc, score, um and xtensa currently
      do not register a CPU device.  Add the config option GENERIC_CPU_DEVICES
      which causes a generic CPU device to be registered for each present CPU,
      and make all these architectures select it.
      
      Richard Weinberger <richard@nod.at> covered UML and suggested using
      per_cpu.
      Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      9f13a1fd
    • Ben Hutchings's avatar
      cpu: Do not return errors from cpu_dev_init() which will be ignored · 024f7846
      Ben Hutchings authored
      cpu_dev_init() is only called from driver_init(), which does not check
      its return value.  Therefore make cpu_dev_init() return void.
      
      We must register the CPU subsystem, so panic if this fails.
      
      If sched_create_sysfs_power_savings_entries() fails, the damage is
      contained, so ignore this (as before).
      Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      024f7846
    • Pekka Enberg's avatar
      5878cf43
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 4f58cb90
      Linus Torvalds authored
      * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (54 commits)
        crypto: gf128mul - remove leftover "(EXPERIMENTAL)" in Kconfig
        crypto: serpent-sse2 - remove unneeded LRW/XTS #ifdefs
        crypto: serpent-sse2 - select LRW and XTS
        crypto: twofish-x86_64-3way - remove unneeded LRW/XTS #ifdefs
        crypto: twofish-x86_64-3way - select LRW and XTS
        crypto: xts - remove dependency on EXPERIMENTAL
        crypto: lrw - remove dependency on EXPERIMENTAL
        crypto: picoxcell - fix boolean and / or confusion
        crypto: caam - remove DECO access initialization code
        crypto: caam - fix polarity of "propagate error" logic
        crypto: caam - more desc.h cleanups
        crypto: caam - desc.h - convert spaces to tabs
        crypto: talitos - convert talitos_error to struct device
        crypto: talitos - remove NO_IRQ references
        crypto: talitos - fix bad kfree
        crypto: convert drivers/crypto/* to use module_platform_driver()
        char: hw_random: convert drivers/char/hw_random/* to use module_platform_driver()
        crypto: serpent-sse2 - should select CRYPTO_CRYPTD
        crypto: serpent - rename serpent.c to serpent_generic.c
        crypto: serpent - cleanup checkpatch errors and warnings
        ...
      4f58cb90
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security · e7691a1c
      Linus Torvalds authored
      * 'for-linus' of git://selinuxproject.org/~jmorris/linux-security: (32 commits)
        ima: fix invalid memory reference
        ima: free duplicate measurement memory
        security: update security_file_mmap() docs
        selinux: Casting (void *) value returned by kmalloc is useless
        apparmor: fix module parameter handling
        Security: tomoyo: add .gitignore file
        tomoyo: add missing rcu_dereference()
        apparmor: add missing rcu_dereference()
        evm: prevent racing during tfm allocation
        evm: key must be set once during initialization
        mpi/mpi-mpow: NULL dereference on allocation failure
        digsig: build dependency fix
        KEYS: Give key types their own lockdep class for key->sem
        TPM: fix transmit_cmd error logic
        TPM: NSC and TIS drivers X86 dependency fix
        TPM: Export wait_for_stat for other vendor specific drivers
        TPM: Use vendor specific function for status probe
        tpm_tis: add delay after aborting command
        tpm_tis: Check return code from getting timeouts/durations
        tpm: Introduce function to poll for result of self test
        ...
      
      Fix up trivial conflict in lib/Makefile due to addition of CONFIG_MPI
      and SIGSIG next to CONFIG_DQL addition.
      e7691a1c
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 5cd9599b
      Linus Torvalds authored
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        autofs4: deal with autofs4_write/autofs4_write races
        autofs4: catatonic_mode vs. notify_daemon race
        autofs4: autofs4_wait() vs. autofs4_catatonic_mode() race
        hfsplus: creation of hidden dir on mount can fail
        block_dev: Suppress bdev_cache_init() kmemleak warninig
        fix shrink_dcache_parent() livelock
        coda: switch coda_cnode_make() to sane API as well, clean coda_lookup()
        coda: deal correctly with allocation failure from coda_cnode_makectl()
        securityfs: fix object creation races
      5cd9599b
    • Al Viro's avatar
      autofs4: deal with autofs4_write/autofs4_write races · d668dc56
      Al Viro authored
      Just serialize the actual writing of packets into pipe on
      a new mutex, independent from everything else in the locking
      hierarchy.  As soon as something has started feeding a piece
      of packet into the pipe to daemon, we *want* everything else
      about to try the same to wait until we are done.
      Acked-by: default avatarIan Kent <raven@themaw.net>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      d668dc56
    • Al Viro's avatar
      autofs4: catatonic_mode vs. notify_daemon race · 87533332
      Al Viro authored
      we need to hold ->wq_mutex while we are forming the packet to send,
      lest we have autofs4_catatonic_mode() setting wq->name.name to NULL
      just as autofs4_notify_daemon() decides to memcpy() from it...
      
      We do have check for catatonic mode immediately after that (under
      ->wq_mutex, as it ought to be) and packet won't be actually sent,
      but it'll be too late for us if we oops on that memcpy() from NULL...
      
      Fix is obvious - just extend the area covered by ->wq_mutex over
      that switch and check whether it's catatonic *before* doing anything
      else.
      Acked-by: default avatarIan Kent <raven@themaw.net>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      87533332